A method comprises pairing a virtual machine instance with a virtual agent that is registered with a registry in an execution environment. In this regard, upon instantiating the virtual machine and the corresponding virtual agent, the virtual agent monitors for transaction(s), e.g., a specific invoked method, on that execution environment. The virtual agent is also configured for generating an event in response to detecting the transaction. The virtual agent provides a unique signature associated with the event, which identifies the origin of the virtual machine instance. Still further, the virtual agent is configured for forwarding the event to the registry for collating with other events so as to produce composite end-to-end logs of processes in a manner that enables provenance.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method comprising: instantiating, in a cloud computing environment that supports dynamic provisioning and decommissioning of virtual machine instances, a virtual machine, whereupon a corresponding virtual agent is also automatically instantiated, wherein the virtual agent is independent from the virtual machine; pairing the virtual machine with the corresponding virtual agent, whereupon the virtual agent monitors for a transaction performed by the paired virtual machine; registering the virtual agent with a persistent registry that stores provenance information independently of underlying virtual machine transaction data; and performing by the virtual agent: detecting an occurrence of the transaction performed by the paired virtual machine, where the occurrence of the transaction is in response to the virtual machine participating in a process carried out in the cloud computing environment; generating an event in response to detecting the occurrence of the transaction, where the generated event includes provenance information associated with the virtual machine by encoding into the event, a signature that uniquely identifies an origin of the virtual machine; and forwarding the event to the registry; wherein: the forwarded event is collected with other events so as to produce a composite end-to-end log of the process in a manner that enables provenance of the virtual machine as participating in the process; and the provenance information includes information associated with the virtual machine associated with the provenance information to provide origin information about the transaction data from the virtual machine.
In a cloud environment where virtual machines (VMs) can be dynamically created and destroyed, this system automatically pairs each VM with a dedicated "virtual agent". This agent, separate from the VM, monitors the VM's activity for specific "transactions" (e.g., function calls). When a transaction occurs, the agent generates an "event" containing provenance information. This information includes a unique signature identifying the VM's origin. The agent then forwards this event to a central registry. The registry collects these events, creating a complete end-to-end log of processes within the cloud, enabling tracking of a VM's participation in those processes and providing origin details for the transaction data.
2. The method of claim 1, wherein: pairing the virtual machine with the corresponding virtual agent comprises: pre-configuring a virtual machine template such that when executed, the virtual machine template automatically instantiates both the virtual machine and the virtual agent.
To pair a virtual machine with its virtual agent, a pre-configured virtual machine template is used. When this template is executed, it automatically creates both the virtual machine and its corresponding virtual agent. This eliminates manual configuration and ensures every VM has an agent monitoring its transactions as per the method of claim 1.
3. The method of claim 1, wherein: encoding into the event, a signature that uniquely identifies the origin of the virtual machine instance comprises: computing the signature based upon a 1-way hash.
To uniquely identify the origin of the virtual machine in the generated event (as described in claim 1), the virtual agent computes a signature based on a one-way hash function. This ensures that the signature cannot be easily reversed to reveal the original identifying information while providing a consistent identifier for provenance tracking.
4. The method of claim 3, wherein: computing the signature based upon a 1-way hash comprises computing a 1-way hash of a unique identification assigned to the virtual agent, and a timestamp.
The signature (as described in claim 3) is computed by applying a one-way hash function to a unique ID assigned to the virtual agent, combined with a timestamp. This creates a unique signature for each event linked to a particular VM at a specific point in time. The VM's contribution to a process can then be traced through the steps of claim 1: the agent detects the transaction, generates the signed event, and forwards it to the registry.
5. The method of claim 1, wherein: detecting an occurrence of the transaction performed by the paired virtual machine comprises: detecting at least one of a call, and a return call.
When a virtual agent detects a transaction performed by its paired VM (as described in claim 1), the detection includes capturing either the initial function call or the return call from that function. This allows tracking both the invocation and completion of operations for comprehensive provenance information.
6. The method of claim 1, wherein: detecting an occurrence of the transaction performed by the paired virtual machine comprises: detecting a transaction derived at an applications programming interface (API) layer.
The virtual agent monitors a transaction performed by its paired VM (as per claim 1's method for tracking provenance in cloud environments) by detecting transactions occurring at the application programming interface (API) layer.
7. The method of claim 1, wherein: detecting an occurrence of the transaction performed by the paired virtual machine comprises: detecting a transaction as an atomic event.
When a virtual agent monitors for a transaction performed by a paired virtual machine, as described in claim 1, the system detects the transaction as an atomic event, meaning that it is treated as an indivisible unit of work.
8. The method of claim 1 further comprising: generating a dashboard view by identifying select events collected into the registry that are associated with the process, wherein events are generated by different virtual agents working together to monitor different activities of the process associated with their corresponding virtual machines; and arranging the select events as connected icons that illustrate the end-to-end flow of the process throughout a distributed infrastructure in the context of a composite process.
Technology Domain: Distributed Systems Monitoring and Visualization
Problem: Monitoring and understanding the end-to-end flow of complex processes executed across a distributed infrastructure, especially when multiple virtual agents are involved in monitoring different activities.
Invention Summary: This invention provides a method for monitoring and visualizing processes running on a distributed infrastructure. The method involves collecting events generated by various virtual agents. These virtual agents are responsible for monitoring different activities of a process, with each agent typically associated with a specific virtual machine. The core of the invention lies in generating a dashboard view. This view is created by identifying and selecting specific events from the collected registry that are directly related to the process being monitored. These selected events are then visually represented as connected icons. The arrangement of these icons is designed to illustrate the complete, end-to-end flow of the process as it progresses through the distributed infrastructure. This visualization is particularly useful in the context of composite processes, where multiple sub-processes or activities are orchestrated together. The connected icons provide a clear and intuitive representation of how different parts of the process interact and flow across the entire system.
9. The method of claim 8, wherein: encoding into the event, a signature that uniquely identifies the origin of the virtual machine instance comprises: computing the signature based upon a 1-way hash of a unique identification assigned to the virtual agent, and a timestamp; further comprising: identifying a particular event in the dashboard view; identifying the signature associated with the particular event; and retrospectively verifying that the signature was generated by the unique identification at the time associated with the timestamp.
This invention relates to virtual machine (VM) event tracking and verification. The problem addressed is ensuring the authenticity and traceability of events generated by virtual machine instances, particularly in distributed or cloud computing environments where verifying the origin and integrity of events is critical for security and auditing. The method involves encoding a unique signature into each event generated by a virtual agent within a virtual machine instance. The signature is computed using a one-way hash function applied to a unique identifier assigned to the virtual agent and a timestamp. This ensures that the signature is both unique to the virtual agent and time-bound, preventing tampering or spoofing. When an event is displayed in a dashboard view, a user can select a particular event and retrieve its associated signature. The system then verifies that the signature was indeed generated by the unique identifier of the virtual agent at the time indicated by the timestamp. This retrospective verification process confirms the authenticity of the event, ensuring that it originated from the claimed virtual machine instance and was not altered. The use of a one-way hash function ensures that the signature cannot be reverse-engineered to reveal the unique identifier or timestamp, while still allowing for verification of the event's origin and integrity. This method enhances security and trust in virtual machine event logging and monitoring systems.
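The signature scheme of claims 4 and 9, together with the registry's collation and retrospective verification, sketched as an added example that is not code from the patent. SHA-256, the length-prefixed field encoding, and every class, field and identifier name below are assumptions; the claims specify only a 1-way hash of the agent's unique identification and a timestamp.

```python
import hashlib
import hmac
from dataclasses import dataclass


def compute_signature(agent_id: str, timestamp: str) -> str:
    """1-way hash over the agent's unique ID and a timestamp (claim 4).

    Each field is length-prefixed so that ("ab", "c") and ("a", "bc")
    cannot hash to the same value. SHA-256 is an assumed choice.
    """
    h = hashlib.sha256()
    for field in (agent_id, timestamp):
        data = field.encode("utf-8")
        h.update(len(data).to_bytes(4, "big"))
        h.update(data)
    return h.hexdigest()


@dataclass(frozen=True)
class Event:
    process_id: str
    vm_name: str
    transaction: str   # e.g. "call:createOrder" or "return:createOrder"
    timestamp: str     # ISO 8601 UTC, so string order equals time order
    signature: str     # the agent ID itself never appears in the event


class Registry:
    """Persistent store for agents and events, separate from VM data."""

    def __init__(self):
        self._agents = {}   # agent_id -> paired VM name
        self._events = []

    def register(self, agent_id: str, vm_name: str) -> None:
        self._agents[agent_id] = vm_name

    def collect(self, event: Event) -> None:
        self._events.append(event)

    def end_to_end_log(self, process_id: str):
        """Collate events from all agents into one ordered process log."""
        rows = [e for e in self._events if e.process_id == process_id]
        rows.sort(key=lambda e: e.timestamp)
        return [(e.timestamp, e.vm_name, e.transaction) for e in rows]

    def verify(self, event: Event):
        """Retrospective verification (claim 9).

        Recompute the hash from each registered ID paired with the VM the
        event names, using the event's own timestamp. Returns the matching
        agent ID, or None if nothing reproduces the signature.
        Note: the hash covers only ID and timestamp, so it does not bind
        the transaction field, and it is only as strong as the secrecy of
        the agent ID (assumed known only to the agent and the registry).
        """
        for agent_id, vm_name in self._agents.items():
            if vm_name != event.vm_name:
                continue
            expected = compute_signature(agent_id, event.timestamp)
            if hmac.compare_digest(expected, event.signature):
                return agent_id
        return None


class VirtualAgent:
    """Agent paired with one VM; registers itself on instantiation."""

    def __init__(self, agent_id: str, vm_name: str, registry: Registry):
        self.agent_id = agent_id
        self.vm_name = vm_name
        self.registry = registry
        registry.register(agent_id, vm_name)

    def on_transaction(self, process_id: str, transaction: str,
                       timestamp: str) -> Event:
        """Generate a signed event for a detected transaction and forward it."""
        event = Event(process_id, self.vm_name, transaction, timestamp,
                      compute_signature(self.agent_id, timestamp))
        self.registry.collect(event)
        return event


if __name__ == "__main__":
    # Constructed sample data: two VMs taking part in one process.
    reg = Registry()
    web = VirtualAgent("agent-7f3a", "vm-web", reg)
    db = VirtualAgent("agent-c219", "vm-db", reg)
    db.on_transaction("order-42", "call:insertRow", "2024-01-01T00:00:02Z")
    ev = web.on_transaction("order-42", "call:createOrder",
                            "2024-01-01T00:00:01Z")
    for row in reg.end_to_end_log("order-42"):
        print(row)
    print("verified origin:", reg.verify(ev))
```
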
10. The method of claim 8, wherein: generating a dashboard view by identifying select events collected into the registry that are associated with the process comprise: representing each displayed event as an atomic transaction that occurred to fulfill the process; and identifying on which virtual machine each atomic transaction occurred.
This invention relates to process monitoring and visualization in virtualized computing environments. The problem addressed is the lack of clear visibility into how processes execute across multiple virtual machines, making it difficult to track and analyze process execution. The method involves generating a dashboard view that provides a detailed breakdown of process execution. Events collected into a registry are analyzed to identify those associated with a specific process. Each identified event is represented as an atomic transaction, showing discrete actions that contribute to fulfilling the process. The method further determines which virtual machine each atomic transaction occurred on, allowing users to track process execution across distributed virtual environments. The registry stores events from multiple sources, and the method filters these events to isolate those relevant to the process of interest. By mapping each atomic transaction to its corresponding virtual machine, the dashboard provides a clear, granular view of process execution. This helps users understand dependencies, performance bottlenecks, and resource utilization across virtualized infrastructure. The visualization enables better troubleshooting, optimization, and compliance monitoring in dynamic computing environments.
11. Computer-readable hardware that stores machine-executable program code for providing provenance of processes in a cloud environment, wherein the program code instructs a processor to: instantiate, in a cloud computing environment that supports dynamic provisioning and decommissioning of virtual machine instances, a virtual machine, whereupon a corresponding virtual agent is also automatically instantiated, wherein the virtual agent is independent from the virtual machine; pair the virtual machine with the corresponding virtual agent, whereupon the virtual agent monitors for a transaction performed by the paired virtual machine; register the virtual agent with a persistent registry that stores provenance information independently of underlying virtual machine transaction data; perform by the virtual agent: detect an occurrence of the transaction performed by the paired virtual machine, where the occurrence of the transaction is in response to the virtual machine participating in a process carried out in the cloud computing environment; generate an event in response to detecting the occurrence of the transaction, where the generated event includes provenance information associated with the virtual machine by encoding into the event, a signature that uniquely identifies an origin of the virtual machine; and forward the event to the registry; wherein: the forwarded event is collected with other events so as to produce a composite end-to-end log of the process in a manner that enables provenance of the virtual machine as participating in the process; and the provenance information includes information associated with the virtual machine associated with the provenance information to provide origin information about the transaction data from the virtual machine.
Cloud computing security and auditing. This invention addresses the need to track and verify the origin and actions of virtual machines (VMs) within dynamic cloud environments. The system involves computer-readable hardware storing program code that instructs a processor. This code enables the instantiation of a VM in a cloud environment that allows for dynamic creation and deletion of VMs. Crucially, when a VM is instantiated, a separate, independent virtual agent is also automatically created. The VM and its corresponding agent are then paired. The virtual agent's function is to monitor the paired VM. The agent is registered with a persistent registry that stores provenance information separately from the actual transaction data. When the paired VM performs a transaction as part of a cloud process, the virtual agent detects this transaction. In response, the agent generates an event containing provenance information. This provenance information includes a unique signature identifying the VM's origin. The event is then sent to the registry. Multiple such events are collected to create a comprehensive log of the process, allowing for end-to-end tracking of the VM's participation and providing origin details for transaction data.
12. The computer-readable hardware of claim 11, wherein the program code to: pair the virtual machine with the virtual agent comprises program code to: pre-configure a virtual machine template such that when executed, the virtual machine template automatically instantiates both the virtual machine and the virtual agent.
The computer-readable hardware from claim 11 includes program code that uses a virtual machine template to automatically create both the VM and its virtual agent. When executed, the template handles the creation of both components, ensuring every VM has an agent monitoring its transactions as described in claim 11.
13. The computer-readable hardware of claim 11, wherein the program code to: encode into the event, a signature that uniquely identifies the origin of the virtual machine instance comprises program code to: compute the signature based upon a 1-way hash.
This invention relates to computer security, specifically methods for securely identifying the origin of virtual machine instances in a cloud computing environment. The problem addressed is the need to verify the authenticity and integrity of virtual machine instances to prevent unauthorized modifications or spoofing, which can compromise security in cloud-based systems. The invention involves a system that encodes a unique signature into an event associated with a virtual machine instance. This signature is derived from a one-way hash computation, ensuring that the origin of the virtual machine instance can be cryptographically verified. The one-way hash function provides a tamper-evident mechanism, making it computationally infeasible to reverse-engineer the original input from the hash output. This ensures that any alteration to the virtual machine instance or its metadata would result in a detectable change in the signature. The system may also include additional components, such as a virtual machine manager that generates and manages the virtual machine instances, and a monitoring module that tracks events related to these instances. The monitoring module captures events such as instance creation, modification, or termination, and embeds the computed signature into these events. This allows for auditing and verification of the virtual machine's lifecycle, ensuring that only authorized instances are operating within the cloud environment. By using a one-way hash for signature computation, the system provides a robust mechanism for origin verification, enhancing security in cloud computing environments where virtual machine integrity is critical.
14. The computer-readable hardware of claim 13, wherein the program code to: compute the signature based upon a 1-way hash comprises program code to: computing a 1-way hash of a unique identification assigned to the virtual agent, and a timestamp.
This invention relates to computer security and specifically to methods for verifying the authenticity of virtual agents. The problem addressed is the need to ensure that a virtual agent is genuine and has not been tampered with or impersonated. The system involves a computer-readable hardware component that stores program code. This program code is designed to compute a signature for a virtual agent. The signature is generated based on a one-way hash function. The hashing process specifically takes two inputs: a unique identification assigned to the virtual agent and a timestamp. By hashing these two pieces of information, a unique and non-reversible signature is created. This signature can then be used to verify the integrity and origin of the virtual agent at a later time. The use of a unique identifier ensures that the signature is specific to that particular virtual agent, while the timestamp adds a temporal element, potentially allowing for the detection of stale or outdated agents.
15. The computer-readable hardware of claim 11 , wherein the program code to: detect an occurrence of the transaction performed by the paired virtual machine, comprises program code to: detect at least one of a call, and a return call.
The computer-readable hardware from claim 11 includes program code to detect transactions by the virtual agent, which involves detecting function calls and/or the return calls from those functions. This code is part of the system that provides provenance of processes in a cloud environment, wherein the program code instructs a processor to: instantiate, in a cloud computing environment that supports dynamic provisioning and decommissioning of virtual machine instances, a virtual machine, whereupon a corresponding virtual agent is also automatically instantiated, wherein the virtual agent is independent from the virtual machine; pair the virtual machine with the corresponding virtual agent, whereupon the virtual agent monitors for a transaction performed by the paired virtual machine; register the virtual agent with a persistent registry that stores provenance information independently of underlying virtual machine transaction data; perform by the virtual agent: detect an occurrence of the transaction performed by the paired virtual machine, where the occurrence of the transaction is in response to the virtual machine participating in a process carried out in the cloud computing environment; generate an event in response to detecting the occurrence of the transaction, where the generated event includes provenance information associated with the virtual machine by encoding into the event, a signature that uniquely identifies an origin of the virtual machine; and forward the event to the registry; wherein: the forwarded event is collected with other events so as to produce a composite end-to-end log of the process in a manner that enables provenance of the virtual machine as participating in the process; and the provenance information includes information associated with the virtual machine associated with the provenance information to provide origin information about the transaction data from the virtual machine. 
Detecting both calls and return calls contributes to better tracking of transactions.
16. The computer-readable hardware of claim 11, wherein the program code to: detect an occurrence of the transaction performed by the paired virtual machine, comprises program code to: detect a transaction derived at an applications programming interface (API) layer.
The computer-readable hardware from claim 11 has program code that identifies transactions by detecting activity at the API layer. The transactions detected by the agent are related to code that provides provenance of processes in a cloud environment, wherein the program code instructs a processor to: instantiate, in a cloud computing environment that supports dynamic provisioning and decommissioning of virtual machine instances, a virtual machine, whereupon a corresponding virtual agent is also automatically instantiated, wherein the virtual agent is independent from the virtual machine; pair the virtual machine with the corresponding virtual agent, whereupon the virtual agent monitors for a transaction performed by the paired virtual machine; register the virtual agent with a persistent registry that stores provenance information independently of underlying virtual machine transaction data; perform by the virtual agent: detect an occurrence of the transaction performed by the paired virtual machine, where the occurrence of the transaction is in response to the virtual machine participating in a process carried out in the cloud computing environment; generate an event in response to detecting the occurrence of the transaction, where the generated event includes provenance information associated with the virtual machine by encoding into the event, a signature that uniquely identifies an origin of the virtual machine; and forward the event to the registry; wherein: the forwarded event is collected with other events so as to produce a composite end-to-end log of the process in a manner that enables provenance of the virtual machine as participating in the process; and the provenance information includes information associated with the virtual machine associated with the provenance information to provide origin information about the transaction data from the virtual machine. Detecting at the API layer provides a broader view.
17. The computer-readable hardware of claim 11, wherein the program code to: detect an occurrence of the transaction performed by the paired virtual machine, comprises program code to: detect a transaction as an atomic event.
The computer-readable hardware from claim 11 includes program code that detects a transaction as an atomic event. This code allows the tracking of provenance by instructing a processor to: instantiate, in a cloud computing environment that supports dynamic provisioning and decommissioning of virtual machine instances, a virtual machine, whereupon a corresponding virtual agent is also automatically instantiated, wherein the virtual agent is independent from the virtual machine; pair the virtual machine with the corresponding virtual agent, whereupon the virtual agent monitors for a transaction performed by the paired virtual machine; register the virtual agent with a persistent registry that stores provenance information independently of underlying virtual machine transaction data; perform by the virtual agent: detect an occurrence of the transaction performed by the paired virtual machine, where the occurrence of the transaction is in response to the virtual machine participating in a process carried out in the cloud computing environment; generate an event in response to detecting the occurrence of the transaction, where the generated event includes provenance information associated with the virtual machine by encoding into the event, a signature that uniquely identifies an origin of the virtual machine; and forward the event to the registry; wherein: the forwarded event is collected with other events so as to produce a composite end-to-end log of the process in a manner that enables provenance of the virtual machine as participating in the process; and the provenance information includes information associated with the virtual machine associated with the provenance information to provide origin information about the transaction data from the virtual machine. This means the system treats a transaction as an indivisible unit of work.
18. The computer-readable hardware of claim 11 further comprising program code to: generate a dashboard view by identifying select events collected into the registry that are associated with the process, wherein events are generated by different virtual agents working together to monitor different activities of the process associated with their corresponding virtual machines; and arranges the select events as connected icons that illustrate the end-to-end flow of the process throughout a distributed infrastructure in the context of a composite process.
This invention relates to monitoring and visualizing distributed processes in a virtualized infrastructure. The problem addressed is the difficulty of tracking and analyzing complex processes that span multiple virtual machines and involve interactions between different virtual agents. The solution provides a system that collects and organizes process-related events into a registry, where each event is generated by virtual agents monitoring specific activities of the process on their corresponding virtual machines. The system then generates a dashboard view by selecting relevant events from the registry and arranging them as connected icons. These icons visually represent the end-to-end flow of the process across the distributed infrastructure, showing how different activities and virtual agents contribute to the overall process. The dashboard provides a composite view of the process, allowing users to understand the interactions and dependencies between different components in a distributed environment. The system enhances visibility into complex, multi-agent processes, improving troubleshooting and performance analysis in virtualized systems.
19. The computer-readable hardware of claim 18, wherein the program code to: encode into the event, a signature that uniquely identifies the origin of the virtual machine instance comprises program code to: compute the signature based upon a 1-way hash of a unique identification assigned to the virtual agent, and a timestamp; further comprising program code to: identify a particular event in the dashboard view; identify the signature associated with the particular event; and verify retrospectively, that the signature was generated by the unique identification at the time associated with the timestamp.
This invention relates to virtual machine (VM) event tracking and verification in a computing environment. The problem addressed is ensuring the authenticity and traceability of events generated by virtual machine instances, particularly to prevent tampering or spoofing of event data. The system involves a computer-readable hardware medium storing program code that encodes a signature into an event generated by a virtual machine instance. The signature uniquely identifies the origin of the VM instance by computing a one-way hash of a unique identifier assigned to the virtual agent (a component of the VM) and a timestamp. This ensures that the event can be traced back to its source and the exact time it was generated. The system also includes functionality to identify a specific event in a dashboard view, extract the associated signature, and verify retrospectively whether the signature was generated by the unique identifier at the time indicated by the timestamp. This verification process helps confirm the integrity and authenticity of the event data, ensuring that it has not been altered or falsified. The use of a one-way hash ensures that the original unique identifier and timestamp cannot be derived from the signature, providing an additional layer of security. This approach is particularly useful in environments where event logs must be trusted for auditing, compliance, or forensic analysis.
20. The computer-readable hardware of claim 18, wherein the program code to: generate a dashboard view that identifies select events collected into the registry that are associated with the process comprises program code to: represent each displayed event as an atomic transaction that occurred to fulfill the process; and identify on which virtual machine each atomic transaction occurred.
This invention relates to a system for monitoring and analyzing process execution in a virtualized computing environment. The system addresses the challenge of tracking and visualizing the execution of processes across multiple virtual machines, particularly in distributed or cloud-based systems where process steps may be distributed across different virtualized resources. The invention provides a hardware-based solution with program code that generates a dashboard view to display select events collected into a registry, where these events are associated with a specific process. The dashboard represents each displayed event as an atomic transaction that occurred to fulfill the process, allowing users to see discrete steps in the process execution. Additionally, the system identifies on which virtual machine each atomic transaction occurred, providing visibility into the distributed nature of the process. This helps users understand the flow of operations across virtualized resources, troubleshoot issues, and optimize performance. The system enhances transparency in process execution by breaking down complex workflows into individual transactions and mapping them to their respective virtual machines, improving debugging and performance analysis in virtualized environments.
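The signature check of claim 19 and the per-VM transaction view of claim 20, sketched as an added Python example that is not code from the patent. SHA-256, the field encoding, the registry lookup by VM name, and all names and sample values are assumptions of this example.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

def sign(agent_id: str, timestamp: str) -> str:
    """1-way hash over the agent's unique ID and the event timestamp.
    SHA-256 and the length-prefixed encoding are assumptions of this example."""
    msg = f"{len(agent_id)}:{agent_id}|{timestamp}".encode()
    return hashlib.sha256(msg).hexdigest()

@dataclass(frozen=True)
class Event:
    process_id: str
    vm: str
    transaction: str
    timestamp: str   # ISO 8601 UTC, so string order equals time order
    signature: str

def emit(process_id, vm, agent_id, transaction, timestamp):
    """What a virtual agent forwards to the registry for one detected transaction."""
    return Event(process_id, vm, transaction, timestamp, sign(agent_id, timestamp))

def verify(event, registry_agents):
    """Retrospective check: recompute the hash from the registry's own record of
    the agent paired with the VM, never from an ID carried inside the event."""
    agent_id = registry_agents.get(event.vm)
    if agent_id is None:
        return False
    return hmac.compare_digest(sign(agent_id, event.timestamp), event.signature)

def end_to_end_log(events, process_id, registry_agents):
    """Collate one process's events in time order, tagged with VM and verdict."""
    chosen = sorted((e for e in events if e.process_id == process_id),
                    key=lambda e: e.timestamp)
    return [(e.timestamp, e.vm, e.transaction, verify(e, registry_agents))
            for e in chosen]

# Constructed sample data (hypothetical IDs, VMs and transactions).
# Caveat: an unkeyed hash can be recomputed by anyone who learns the agent ID,
# so the ID has to stay secret between agent and registry (or use a keyed MAC).
AGENTS = {"vm-a": "agent-7f3c", "vm-b": "agent-91d0"}
EVENTS = [
    emit("order-42", "vm-b", "agent-91d0", "chargeCard", "2024-01-01T10:00:02Z"),
    emit("order-42", "vm-a", "agent-7f3c", "createOrder", "2024-01-01T10:00:01Z"),
    emit("other-9", "vm-a", "agent-7f3c", "ping", "2024-01-01T10:00:03Z"),
]
# An event whose timestamp was altered after signing no longer verifies.
TAMPERED = replace(EVENTS[0], timestamp="2024-01-01T09:00:00Z")
```

Because the verifier takes the agent ID from the registry rather than from the event, an event relabelled with a different VM fails the same check as one with an altered timestamp.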
July 15, 2014
June 27, 2017